Three Shades of Privacy

Tracy Mitrano by Tracy Mitrano, Mitrano & Associates
Monday, April 18, 2016

More than any of the other Big Five (Google, Facebook, Amazon, Apple and Microsoft), Microsoft has seriously challenged the government in the courts on electronic surveillance. This proactive case in the Washington federal court is a companion to the one in the Second Circuit that questions the Department of Justice overreach to demand consumer email in servers held outside of the United States without the benefit of clear law on that point. As I have argued previously, I support Microsoft in these efforts even as I did not Apple in the iPhone case. The difference lies between unsettled and settled law, respectively, and in a thoughtful, sound approach taken by Microsoft in contrast to the shooting from the hip, technology-centric tact taken by Apple. Whatever your views, these are very worthy topics for us to debate.

What Agency Can Benefit The Most From IoT/CSP?

Scott Andersen by Scott Andersen, ActioNet
Friday, April 15, 2016

The huge IoT impact point in the next couple of years will be in the world of data. The production of, consumption of and analysis of data produced by sensors. Many government agencies have already embraced Cyber Physical Systems (IoT) and continue to push further and further into the world of data production, movement and analyses.

Data security is the next evolution of public safety debate

Julie Anderson by Julie Anderson, AG Strategy Group
Wednesday, March 23, 2016

Recently, a group of law enforcement stakeholders discussed creating and managing body-worn camera programs that ensure data security and protect privacy for all those affected. Participants from International Association of Chiefs of Police, the National District Attorneys Association, American Civil Liberties Union and other law enforcement groups examined how standards and best practices can be implemented to balance privacy and security when deploying body-worn cameras. Their participation made it clear that we need a consensus on the policy that will most strongly protect the critical information that these cameras will gather daily. Fortunately, the FBI created a new Criminal Justice Information System (CJIS) security policy that addresses the challenge of securing law enforcement video surveillance data. This policy prescribes methods of data collection, transmission, storage and destruction, providing a standard level of data protection for all criminal justice information. The International Association of Chiefs of Police (IACP) also issued guidance about how these standards apply to cloud-based technology used by state and local police departments.

Is the New Post-Safe Harbor Data Privacy Law a Silver Bullet or a First Step?

H. Bryan Cunningham by Bryan Cunningham, Cunningham Levy LLP
Friday, March 18, 2016

How does the Judicial Redress Act fit in? In striking down Safe Harbor, the European Court of Justice found in it at least two fatal flaws: First, it found privacy protections under Safe Harbor inadequate because they lacked an “independent oversight mechanism that is both effective and impartial” and that “effective remedies need to be available” for European citizens to seek judicial relief if they feel their privacy is violated by the U.S. government. The JRA is intended to provide Europeans with similar rights to seek relief, at least under one U.S. law, as Americans enjoy. Second, the ECJ separately invalidated the Safe Harbor Agreement based on its conclusion that U.S. government intelligence surveillance and data collection activities were inconsistent with EU Privacy law.

The Evolution Of The Connected Cloud

Scott Andersen by Scott Andersen, ActioNet
Friday, March 11, 2016

There is a change coming to cloud computing. The concept of cloud service providers is going to change, with the advent and inclusion of data from Cyber Physical Systems (CPS), sometimes called the Internet of Things (IoT). Today, IoT devices produce more data that virtually every other producing system. Most of the data they produce isn’t used or even noticed.

US-UK data cooperation: A model for the world

Paul Rosenzweig by Paul Rosenzweig, The Chertoff Group
Tuesday, March 1, 2016

The United States and the United Kingdom are negotiating a new data access agreement that would benefit both countries, and serve as a model for similar agreements between the US and other Western nations. According to Congressional testimony from the US Department of Justice (DOJ) the draft agreement would permit American companies to "disclose data directly to the United Kingdom for serious criminal and national security investigations," after UK authorities had gotten legal authorization to access the data from UK courts. That would eliminate a procedural hurdle that delays investigations. Today officials from the UK (and anywhere else in the world) must request the data through the US government instead of going directly to the company - a process that often takes many months. The agreement would, of course be reciprocal. According to The Washington Post, American law enforcement would, similarly, be free to serve warrants for content directly to companies in the UK.

Prosecutors’ Perspective on PoliceBody-Worn Cameras

H. Bryan Cunningham by Bryan Cunningham, Cunningham Levy LLP
Monday, February 22, 2016

BWCs will document highly probative evidence in criminal cases, including admissions of guilt, identifications of suspects, witness statements, and crime scene details. They also will capture citizens in some of their most vulnerable and embarrassing moments, such as domestic violence situations, and in situations where no crime is involved, like helping the ill or injured. Such information requires high levels of security and protection to ensure the confidentiality and integrity of this BWC data. Robust security of BWC data serves two critical purposes. First, this extremely sensitive information needs to be protected from hackers and employees of third parties, such as cloud storage providers, who have no clear, mission-related need to access BWC recordings. Second, for BWC data to be used in court, prosecutors must authenticate the recordings by showing they were produced and maintained through proper technical and policy protocols for camera use, uploading footage, case management, and storage.

You purchased a body camera ... now what?

Jeff Gould by Jeff Gould,
Wednesday, February 17, 2016

Ready or not, America’s law enforcement are about to deploy body-worn video on an unprecedented scale. You may be one of these agencies. Based on a recent survey conducted jointly by the Major City Chiefs and the Major City Sheriffs, the two associations estimate that 97 percent of their members are “moving forward with body camera systems.” But are agencies large, small and in between ready for this massive deployment of a new technology that is still rapidly evolving? Do they have the necessary IT infrastructure to handle so many cameras? Do they have enough trained staff to manage so much video? Can they reconcile the sometimes conflicting demands of technology and policy? According to Darrel Stephens, Executive Director of the Major City Chiefs Association (MCC), the answer to all these questions appears to be: “not yet.”

Digital Security Requires a Legislative Overhaul

Michael Chertoff by Michael Chertoff, Chertoff Group
Friday, February 12, 2016

Building on the EU-U.S. Privacy Shield and the U.S.-U.K. negotiations, we must continue to move beyond a system in which critical digital privacy issues are governed in an ad hoc manner. This system is broken. The time is ripe for a comprehensive legislative overhaul of the antiquated laws that currently govern when and how law enforcement officials may access citizens’ private electronic communications.

Surfing the body-worn camera wave

Paul Rosenzweig by Paul Rosenzweig, The Chertoff Group
Wednesday, February 10, 2016

In mid-January, the International Association of Chiefs of Police, the Major Cities Chiefs Association, and the Police Foundation hosted a day-long review of the current state of deployment of BWCs at the Newseum in Washington, D.C. If the expert recommendations from that event could be summarized in a single phrase it would be: “Proceed with caution.” The move to BWC deployment occurs in the context of a broader discussion of the proper role of police forces around the world and, at least in the United States, the nature of the interaction between police and the citizens they are sworn to protect. How will that change occur and what are some of the pitfalls? The key takeaway from the conference was that, first and foremost, agencies must have a plan. Many experts report departments that have moved to purchase and use BWCs without giving significant consideration to all aspects of the change. Agences that rush ahead without preparation risk being drowned in a wave of new implementation and policy contradictions. Some of the pitfalls are obvious; others have come as a shock to many who are moving toward implementation. Here are just a few of the issues that experts identified: